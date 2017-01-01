Hacker News new | comments | show | ask | jobs | submit login
Show HN: GitLeaks – Search engine for exposed secrets on GitHub (gitleaks.com)
12 points by mkagenius 50 minutes ago | hide | past | web | 3 comments | favorite





I guess that's one way to get attention to your business.

Instead of informing the owners of repositories by creating an issue you create a search engine to expose them, and ask to be paid for usage of this index? The only reason someone would want those secrets is to abuse them. This is basically the only use case for the data. Why do this?

This is coming from "fallible.co" whose homepage says "Prevented 40 million+ users personal data leaks". So you are in the business of making sure people's information does not get leaked, and at the same time expose people's secrets?

reply


Are there any legal ramifications for operating something like this?

I know it's publicly available info but since the original creator of the information didn't directly give it to you, do you still have the usual immunity given to service providers?

Also, just because something is on $PUBLIC_URL doesn't mean the copyright would allow you redistribute it. I'm sure a lot of these projects have either a private license, or more likely, no license at all.

reply


Didn't take long from the proggit/HN 'removed password' post to gitleaks:

$ whois gitleaks.com | grep Creation

Creation Date: 06-feb-2017

reply




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: